Sunday, February 27, 2011

CAC PIN Scam Alert

This is probably a little late.  As a contractor, we get these notices a little late; my guess is that this came out near the beginning of February.  Of course, the entity that sent our company the alert told us not to click on the link (sound advice) but left the link active in the note.  The SPAM that is circulating has been reproduced below:

Subject: IMMEDIATE ACTION REQUIRED: CAC PIN length increases

Recent world events have uncovered a potential weakness in DoD Common Access
Card (CAC) security systems using a PIN length of less  than 10 digits.
Therefore a new requirement has been established that calls for PIN length
to be at least 10 digits and no more than 14 digits.  Security systems DoD
wide will begin imposing the new restriction on 10-FEB-2011.  In order to
handle the high volume of CAC PIN resets, an automated CAC PIN Reset site
has been stood up.

Please log in to hxxp://www(dot)activeident(dot)com/DoD immediately and
establish your new PIN with the increased length requirement.

NOTE:  If you fail to establish your new PIN before the new restrictions are
imposed, you will need to visit a CAC issuance location before you will be
able to access the network.

SOURCE: Directorate of Plans, Training, Mobilization and Security Plans and
Operations Division Fort Bliss, Texas 79916

I have never heard of CAC PINs being reset over the web, so right away I would be skeptical.  If you receive an email like this, immediately check with your Facility Security Officer and do not click the link.

No comments:

Post a Comment